commit: 4778d9cbaca208869cb80f606db24d857c75aa3f Author: Ionen Wolkens <ionen <AT> gentoo <DOT> org> AuthorDate: Fri May 10 02:36:23 2024 +0000 Commit: Ionen Wolkens <ionen <AT> gentoo <DOT> org> CommitDate: Fri May 10 03:00:43 2024 +0000 URL: https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=4778d9cb
dev-util/mingw64-toolchain: filter -fstack-protector* again Used to be done because it was straight up broken (couldn't build), but now it's successfully causing problems and it's not obvious for upstreams to fix these issues with mingw. There may be real issues in dxvk & others, but support for this is new in mingw (also only partial), and believe using this can be considered too experimental/early "here". Still allowing it with USE=custom-cflags for those that really want it and don't mind if it breaks some components they don't use. Skipping revbump given it's an unusual configuration given users normally don't pass this in *FLAGS but rather rely on the toolchain's defaults. mingw64-toolchain-11.0.1 will also be keyworded in not that long for rebuilds. Only needed for mingw runtime, so the toolchain itself is still using it through the system-wide defaults. May revisit eventually. Not doing this for crossdev+mingw64-runtime main package again, these are for more expert use in the first place. Bug: https://bugs.gentoo.org/870136 Closes: https://bugs.gentoo.org/931512 Signed-off-by: Ionen Wolkens <ionen <AT> gentoo.org> dev-util/mingw64-toolchain/mingw64-toolchain-11.0.0_p2.ebuild | 6 ++++++ dev-util/mingw64-toolchain/mingw64-toolchain-11.0.1.ebuild | 6 ++++++ 2 files changed, 12 insertions(+) diff --git a/dev-util/mingw64-toolchain/mingw64-toolchain-11.0.0_p2.ebuild b/dev-util/mingw64-toolchain/mingw64-toolchain-11.0.0_p2.ebuild index 68c62e65ac14..1e512377b27b 100644 --- a/dev-util/mingw64-toolchain/mingw64-toolchain-11.0.0_p2.ebuild +++ b/dev-util/mingw64-toolchain/mingw64-toolchain-11.0.0_p2.ebuild @@ -211,6 +211,12 @@ src_compile() { filter-flags '-fuse-ld=*' filter-flags '-mfunction-return=thunk*' #878849 + # support for stack-protector is still new and experimental + # for mingw and issues can also be harder to debug + fix for + # upstreams using it, if feeling concerned about security + # would advise to either not use wine or at least contain it + use custom-cflags || filter-flags '-fstack-protector*' #931512 + # some bashrc-mv users tend to do CFLAGS="${LDFLAGS}" and then # strip-unsupported-flags miss these during compile-only tests # (primarily done for 23.0 profiles' -z, not full coverage) diff --git a/dev-util/mingw64-toolchain/mingw64-toolchain-11.0.1.ebuild b/dev-util/mingw64-toolchain/mingw64-toolchain-11.0.1.ebuild index 4003b26827a8..09f8b50f64a4 100644 --- a/dev-util/mingw64-toolchain/mingw64-toolchain-11.0.1.ebuild +++ b/dev-util/mingw64-toolchain/mingw64-toolchain-11.0.1.ebuild @@ -221,6 +221,12 @@ src_compile() { filter-flags '-fuse-ld=*' filter-flags '-mfunction-return=thunk*' #878849 + # support for stack-protector is still new and experimental + # for mingw and issues can also be harder to debug + fix for + # upstreams using it, if feeling concerned about security + # would advise to either not use wine or at least contain it + use custom-cflags || filter-flags '-fstack-protector*' #931512 + # some bashrc-mv users tend to do CFLAGS="${LDFLAGS}" and then # strip-unsupported-flags miss these during compile-only tests # (primarily done for 23.0 profiles' -z, not full coverage)
